Workshop at VTI Izegem

On Januari 30 my fellow co-students in Applied Computer Science and I gave a workshop to a class of 5th and 6th graders at VTI Izegem . Our day was divided into two hands-on parts: one to teach developing with Flask API and the other to outline the intriguing world of web pentesting. How we combined learning with fun into practical experience is explained below!

Months of Meeting and Preparation

Before we could give life to our workshop, we had planned and prepared for several months. The regularity of our idea-brainstorming meetings, development, and tests on activities made each session that we were about to give a fun and educational experience for the 5th and 6th-grade students.

The Gateway to Web Development

First, we introduced them to a simple front-end site that we prepared beforehand. In a way, the front end was a way of organizing the ground for our Flask API—an empty slate that would be filled first with dynamic functionalities.

If anything was attained from this workshop, it was that students, in a figurative sense, got down and dirty creating and manipulating endpoints. Under the instructor’s guidance, they learned how to add new quotes, fetch, and display already existing ones, generate random quotes, and even clear the quotes from the list. More advanced tasks included getting the quotes by a specific index. That’s all with the help of Python programming.

Unleash, Decode, Crack!

The emphasis in the afternoon session was placed on cybersecurity, and the Pentesting unit was conducted to offer the student an opportunity to walk their feet into real-world situations, having them undertake hacking activities against a spoofed Prosperity Trust Bank website. The environment simulated this to be as near as possible to actual cybersecurity tasks but in a benign, safe environment.

Our challenges were intended to encompass the widest variety of tasks within Pentesting. Thus, students identified hidden data in the robots.txt file, extracted sensitive information from the metadata of images, and, with the help of OSINT, successfully breached security by pretending to be just users. They went on manipulating developer tools, examined network requests, and, using this information, navigated levels of protection to find hidden admin privileges.

Conclusion

The students had a very comprehensive dip into the world of Flask API and pen testing. Such practical exercises only serve to consolidate the theoretical knowledge of students and provide them with the groundwork to dig into real-world tech challenges.

Appreciation Note:
A big thank you to Lucas Guillemyn , Niels Soete , Robin Monsere , Michiel Stragier , Lukas Olivier and Sibren Eeckhout who arranged this event with me and the VTI Izegem staff for hosting. I appreciated every minute spent with these ambitious students of the next generation of tech geeks.

Try Your Hand at It:
Do you want to know more about what we have taught?

• Get our workshop materials by following this Google Drive link ;
• or check out the GitHub repository .